TNW Creations Ranked Top 15 Military Veteran Digital Marketing Agency in the United States for 2023 Read More


The U.S. Small Business Administration Spotlight features TNW Creations' CEO Erin LaVaux Quarles Read More


WooCommerce, Intuit, TurboTax & QuickBooks among MailChimp Data Breached Accounts

WooCommerce sent an email with this statement to account holders today,

 

"On January 12, 2023, we were notified about an unauthorized breach of Mailchimp, a communications tool WooCommerce uses to send emails to customers who have opted in. Our account is one of 130+ that appear to have been impacted by this security incident.

 

This breach may have resulted in some of the information you've shared with us, including your name, store URL, and email address, being exposed. No payment data, passwords, or other sensitive security information is part of this breach.

 

Your store and customer data have not been impacted by this incident, nor have your WordPress.com or WooCommerce.com accounts. This was not a breach of WordPress.com or WooCommerce.com.

What happens next?

 

At this time, no action is required on your part.

 

There is no indication the person who engaged in unauthorized access to Mailchimp has taken any action with the exposed information. However, we are contacting you out of an abundance of caution to alert you to that possibility in the future. We have confirmed with Mailchimp that our account is secure and follows all security best practices, and are working with them to better understand the cause of this breach and what they're doing to prevent similar incidents in the future.

 

If you have any questions about Mailchimp's breach, please feel free to contact us.

We apologize for any issues or concerns this may have caused, and we will keep you updated if any new information arises."

This coming in on the heels of a very recent social engineering hack suffered by the company, MailChimp and their clients have experienced two data breaches in less than a year.

 

Previously, in March 2022 and again in January 2023. The most recent hack affected such giants as WooCommerce.

 

MailChimp announced the latest breach on January 13, 2023 here:

https://mailchimp.com/january-2023-security-incident/?=7194ef805fa2d04b0f7e8c9521f97343

WooCommerce, Intuit, TurboTax, QuickBooks and others were among the MailChimp data breached accounts.


 

MailChimp Announcement:

 

"On January 11, the Mailchimp Security team identified an unauthorized actor accessing one of our tools used by Mailchimp customer-facing teams for customer support and account administration. The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee credentials compromised in that attack.

 

Based on our investigation to date, this targeted incident has been limited to 133 Mailchimp accounts, and there is no evidence that this compromised customer data beyond these Mailchimp accounts.

 

After we identified evidence of an unauthorized actor, we temporarily suspended account access for Mailchimp accounts where we detected suspicious activity to protect our users’ data. We notified the primary contacts for all affected accounts on January 12, less than 24 hours after initial discovery.

 

That afternoon, we sent another email to affected accounts with steps to help users reinstate access to their Mailchimp accounts safely. Since then, we’ve been working with our users directly to help them reinstate their accounts, answer questions, and provide any additional support they need. If you have questions regarding a notice you received or the incident in general, please reach out to ciso@mailchimp.com.

 

We know that incidents like this can cause uncertainty, and we’re deeply sorry for any frustration. We are continuing our investigation and will be providing impacted account holders with timely and accurate information throughout the process.

Originally published on January 13, 2023"

TNW Creations is a Web Development & Media Publishing Agency in Austin, Texas. Web Development, cyber security, web design, clean energy web host, Advanced SEO, Digital Marketing and more since 1995.

I've been programming, designing, writing and publishing professionally online since 1995. I've worn many hats throughout my life, but the common core of my career has always been media. Besides the portfolio you see on TNW Creations, my internet presence has been substantial for over 2 decades. In 1995, while still in college, I founded TNW Creations and became part of the grassroots development for teaching the Lakhota language online. By 2004, my bilingual work was listed on many sites, including National Geographic , Encarta and Touchstone Pictures Hidalgo. When I'm not developing and writing, you'll find me managing MagicStoryLand.Com, creating kid-friendly game & video content, investigating and initating hostile website takedowns, posting salty articles about cyber threats, moderating UnifyLife.Org and enjoying my  community, church & family.